Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2024-45497

    A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for ... Read more

    • Published: Dec. 31, 2024
    • Modified: Jul. 17, 2025

  • 8.8

    HIGH
    CVE-2024-13040

    The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account in... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 8.8

    HIGH
    CVE-2024-12839

    The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed on their device will send an authentication signature to... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 8.8

    HIGH
    CVE-2024-12838

    The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including admini... Read more

    Affected Products :
    • Published: Dec. 31, 2024
    • Modified: Dec. 31, 2024

  • 4.8

    MEDIUM
    CVE-2024-13058

    An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron Hy... Read more

    Affected Products : hypercloud
    • Published: Dec. 30, 2024
    • Modified: Aug. 29, 2025

  • 7.8

    HIGH
    CVE-2024-13051

    Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required ... Read more

    Affected Products : graphite
    • Published: Dec. 30, 2024
    • Modified: Jan. 03, 2025

  • 7.8

    HIGH
    CVE-2024-13050

    Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required ... Read more

    Affected Products : graphite
    • Published: Dec. 30, 2024
    • Modified: Jan. 03, 2025

  • 7.8

    HIGH
    CVE-2024-13049

    Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13048

    Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit t... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13047

    Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this v... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13046

    Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit t... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 15, 2025

  • 7.8

    HIGH
    CVE-2024-13045

    Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to e... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13044

    Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit t... Read more

    Affected Products : cobalt
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-13043

    Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privil... Read more

    Affected Products : panda_dome panda_dome
    • Published: Dec. 30, 2024
    • Modified: Jan. 03, 2025

  • 5.3

    MEDIUM
    CVE-2024-13042

    A vulnerability was found in Tsinghua Unigroup Electronic Archives Management System 3.2.210802(62532). It has been classified as problematic. Affected is the function download of the file /Searchnew/Subject/download.html. The manipulation of the argument... Read more

    Affected Products :
    • Published: Dec. 30, 2024
    • Modified: Jan. 04, 2025

  • 7.3

    HIGH
    CVE-2024-12753

    Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged c... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12752

    Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 7.8

    HIGH
    CVE-2024-12751

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerabilit... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Dec. 30, 2024
    • Modified: Aug. 08, 2025

  • 6.5

    MEDIUM
    CVE-2024-11946

    iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS de... Read more

    Affected Products : truenas_firmware truenas
    • Published: Dec. 30, 2024
    • Modified: Aug. 18, 2025

  • 8.8

    HIGH
    CVE-2024-11944

    iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not... Read more

    Affected Products : truenas_firmware truenas
    • Published: Dec. 30, 2024
    • Modified: Aug. 18, 2025
Showing 20 of 293608 Results